Recent reports reveal a rise in cybercriminals hijacking and reselling access to exposed AI infrastructure. While many organizations worry about cryptomining attacks, hackers are now targeting large language models (LLMs) and related endpoints. These campaigns pose a new threat to companies relying on AI tools for support, data processing, and automation.

Widespread Attacks on AI Infrastructure

Researchers from Pillar Security have uncovered large-scale operations targeting unsecured AI systems. Their investigations show hackers scanning the internet for exposed LLM endpoints, such as AI-powered chatbots on websites. In just a few weeks, their honeypots recorded over 35,000 attack sessions. These attacks aren’t isolated; they form a growing business run by small criminal groups rather than nation-states.

The goal is to steal computing resources by making unauthorized requests to AI models. Hackers also aim to resell API access at discounted prices through underground marketplaces. They can exfiltrate conversation data and even access internal systems by compromising servers connected to LLMs. This broad range of activities shows how vulnerable AI infrastructure has become.

How Hackers Find and Exploit Exposed Endpoints

The threat actors use common tools like Shodan and Censys to locate open AI endpoints. These are often misconfigured or left accessible without proper security measures. Examples include AI models running on default ports or APIs exposed without authentication. Development or staging environments with public IPs are also targeted because they often lack basic protections.

Specific vulnerabilities include open Ollama ports on port 11434, APIs compatible with OpenAI on port 8000, and MCP servers connecting AI models to internal systems like databases and file servers. Hackers leverage these weak spots for their campaigns, exploiting the low level of technical knowledge needed to carry out such attacks. This makes the threat accessible even to small groups with limited expertise.

Implications and Recommendations for Organizations

This growing trend could lead to serious consequences if left unchecked. Unauthorized use of AI resources can result in increased costs, data breaches, and internal system compromises. Experts warn that organizations deploying self-hosted models or using MCP servers need to act quickly to secure their endpoints.

Proper configuration, strong access controls, and regular security audits are essential. Organizations should avoid leaving AI endpoints exposed on default ports or with open APIs. Implementing authentication and monitoring can help detect suspicious activities early. The rise of these attacks highlights the importance of securing AI infrastructure as part of overall cybersecurity strategies.

As cybercriminals continue to develop sophisticated methods, staying vigilant is crucial. Protecting AI systems from hijacking and resale not only saves costs but also shields sensitive data and internal assets from exploitation. Organizations are encouraged to review their AI deployment practices and tighten security measures to prevent falling victim to these emerging threats.

Inspired by

• https://www.infoworld.com/article/4123930/crooks-are-hijacking-and-reselling-ai-infrastructure-report-3.html

Sources

• pillar.security
• josephsteinberg.com
• csoonline.com